漏洞标题
N/A
漏洞描述信息
在Cisco ASR 5000系列路由器的StarOS IPsec组件中存在一个漏洞,可能导致无验证的远程攻击者终止所有正在运行的IPsec VPN隧道,并阻止新隧道的创建,从而导致拒绝服务(DoS)情况。该漏洞会影响以下 Cisco 产品:Cisco ASR 5000/5500系列路由器,Cisco虚拟化数据包核心(VPC)。更多信息:CSCva13631。已知受影响的发布版本:20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246。已知固定发布版本:20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Known Fixed Releases: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Cisco ASR 5000 Series routers 拒绝服务漏洞
漏洞描述信息
Cisco ASR 5000 Series routers是美国思科(Cisco)公司的ASR 5000系列多功能路由器。 Cisco ASR 5000 Series routers中的IPsec组件存在拒绝服务漏洞,该漏洞源于程序没有正确处理Internet Key Exchange (IKE)消息。攻击者可利用该漏洞造成拒绝服务。
CVSS信息
N/A
漏洞类别
资源管理错误